Updates in stable releases

Hi,
I think in general we are either too strict in what we allow as
updates to stable or people think it's not going to be allowed and
so don't even try to get updates to stable.
The last time I asked about this, I got this as reply:
https://lists.debian.org/debian-devel/2013/09/msg00466.html
I want to start by giving some examples of things that got updated
in stable point releases that I know about:
- linux was 3.2.41-2 in 7.0, 3.2.51-1 in 7.3, 3.2.53-2 in
proposed-updates
- iceweasel was 10.0.12esr-1 in 7.0, is now 17.0.10esr-1~deb7u1
- postgresql-9.1 was 9.1.9-1, now 9.1.11-0wheezy1
Clearly new upstream releases are acceptable under some
conditions. But it's not clear to me what those conditions are.
The rules seem to suggest that we need a priority important bug
in the Debian BTS. Does that mean that if upstream makes a bugfix
release we need to file bugs in the Debian BTS for each fix that
we consider important and backports just those bugfixes, or would
uploading such bugfix releases be allowed?
How about more than just bugfixes? For instance would new
features be allowed, and in what case? It seems that at least for
the linux kernel support gets added for new hardware.
One thing I had in mind for an update to apache is to have the
version in stable support ECDHE which the version in stable
currently doesn't do. And I think the general feeling from people
is that this is going to be rejected and so don't even try and
ask.
Kurt